diff --git a/.drone.jsonnet b/.drone.jsonnet
new file mode 100644
index 0000000..fcf5597
--- /dev/null
+++ b/.drone.jsonnet
@@ -0,0 +1,69 @@
+local AnsibleVersions(version="latest", package="ansible") = {
+ name: "ansible-" + version,
+ image: "python:3.7",
+ pull: "always",
+ environment: {
+ PY_COLORS: 1
+ },
+ commands: [
+ "pip install " + package + " ansible-later~=0.2.0 -qq",
+ "git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy",
+ "ansible-later -c ~/policy/config.yml"
+ ],
+ depends_on: [
+ "clone",
+ ],
+};
+
+local PipelineLinting = {
+ kind: "pipeline",
+ name: "linting",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ steps: [
+ AnsibleVersions(version="latest", package="ansible"),
+ AnsibleVersions(version="master", package="git+https://github.com/ansible/ansible.git@devel"),
+ ],
+ trigger: {
+ ref: ["refs/heads/master", "refs/tags/**", "refs/pull/**"],
+ },
+};
+
+local PipelineNotifications = {
+ kind: "pipeline",
+ name: "notifications",
+ platform: {
+ os: "linux",
+ arch: "amd64",
+ },
+ clone: {
+ disable: true,
+ },
+ steps: [
+ {
+ name: "matrix",
+ image: "plugins/matrix",
+ settings: {
+ homeserver: "https://matrix.rknet.org",
+ roomid: "MtidqQXWWAtQcByBhH:rknet.org",
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}",
+ username: { "from_secret": "matrix_username" },
+ password: { "from_secret": "matrix_password" },
+ },
+ },
+ ],
+ depends_on: [
+ "linting",
+ ],
+ trigger: {
+ status: [ "success", "failure" ],
+ ref: ["refs/heads/master", "refs/tags/**"],
+ },
+};
+
+[
+ PipelineLinting,
+ PipelineNotifications,
+]
diff --git a/.drone.yml b/.drone.yml
index 289d224..3be4bb2 100644
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,22 +1,78 @@
---
kind: pipeline
-name: default
+name: linting
+
+platform:
+ os: linux
+ arch: amd64
steps:
- - name: ansible-latest
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on: [ clone ]
+- name: ansible-latest
+ pull: always
+ image: python:3.7
+ commands:
+ - pip install ansible ansible-later~=0.2.0 -qq
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
- - name: ansible-master
- image: python:2.7
- pull: always
- commands:
- - pip install ansible ansible-later -q
- - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
- - git ls-files *[^LICENSE,.md] | xargs ansible-later -c ~/policy/config.ini
- depends_on: [ clone ]
+- name: ansible-master
+ pull: always
+ image: python:3.7
+ commands:
+ - "pip install git+https://github.com/ansible/ansible.git@devel ansible-later~=0.2.0 -qq"
+ - git clone https://gitea.rknet.org/ansible/ansible-later-policy.git ~/policy
+ - ansible-later -c ~/policy/config.yml
+ environment:
+ PY_COLORS: 1
+ depends_on:
+ - clone
+
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ - "refs/pull/**"
+
+---
+kind: pipeline
+name: notifications
+
+platform:
+ os: linux
+ arch: amd64
+
+clone:
+ disable: true
+
+steps:
+- name: matrix
+ image: plugins/matrix
+ settings:
+ homeserver: https://matrix.rknet.org
+ password:
+ from_secret: matrix_password
+ roomid: MtidqQXWWAtQcByBhH:rknet.org
+ template: "Status: **{{ build.status }}**
Build: [{{ repo.Owner }}/{{ repo.Name }}]({{ build.link }}) ({{ build.branch }}) by {{ build.author }}
Message: {{ build.message }}"
+ username:
+ from_secret: matrix_username
+
+trigger:
+ ref:
+ - refs/heads/master
+ - "refs/tags/**"
+ status:
+ - success
+ - failure
+
+depends_on:
+- linting
+
+---
+kind: signature
+hmac: 687734cdf50961bf62d00f2fef97c004cd6b0f3dd6452da8ce4c9a08680992b5
+
+...
diff --git a/defaults/main.yml b/defaults/main.yml
index 2677036..b1ace2b 100644
--- a/defaults/main.yml
+++ b/defaults/main.yml
@@ -10,3 +10,7 @@ postfix_relay_sasl_passwd: secure
postfix_relay_smtpd_banner:
- ESMTP
- $mail_name
+
+postfix_relay_senders:
+ - user: root
+ address: "{{ ansible_hostname }}@{{ postfix_relay_sasl_domain }}"
diff --git a/tasks/install.yml b/tasks/install.yml
index e07c483..cb19ea2 100644
--- a/tasks/install.yml
+++ b/tasks/install.yml
@@ -1,13 +1,8 @@
---
-- name: Install postfix mta
- block:
- - name: Install required packages
- package:
- name: "{{ item }}"
- state: present
- with_items:
- - postfix
- - cyrus-sasl-plain
- - mailx
+- name: Install required postfix packages
+ package:
+ name: "{{ item }}"
+ state: present
+ loop: "{{ __postfix_relay_packages }}"
become: True
become_user: root
diff --git a/templates/etc/postfix/sasl_passwd.j2 b/templates/etc/postfix/sasl_passwd.j2
index 4346b14..497b809 100644
--- a/templates/etc/postfix/sasl_passwd.j2
+++ b/templates/etc/postfix/sasl_passwd.j2
@@ -1,3 +1,4 @@
+#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
[{{ postfix_relay_sasl_host }}]:{{ postfix_relay_sasl_port }} {{ postfix_relay_sasl_user }}@{{ postfix_relay_sasl_domain }}:{{ postfix_relay_sasl_passwd }}
diff --git a/templates/etc/postfix/sender_canonical.j2 b/templates/etc/postfix/sender_canonical.j2
index 6205fff..25047b4 100644
--- a/templates/etc/postfix/sender_canonical.j2
+++ b/templates/etc/postfix/sender_canonical.j2
@@ -1,3 +1,6 @@
+#jinja2: lstrip_blocks: True
# {{ ansible_managed }}
-root {{ ansible_hostname }}@{{ postfix_relay_sasl_domain }}
+{% for sender in postfix_relay_senders %}
+{{ sender.name }} {{ sender.address }}
+{% endfor %}
diff --git a/vars/main.yml b/vars/main.yml
new file mode 100644
index 0000000..9a65829
--- /dev/null
+++ b/vars/main.yml
@@ -0,0 +1,5 @@
+---
+__postfix_relay_packages:
+ - postfix
+ - cyrus-sasl-plain
+ - mailx